Senior Cybersecurity Expert

About the Job:
A leading UAE-based consumer technology company, the company is focused on building the digital infrastructure of everyday life, with an emphasis on AI-powered fintech, communication, and digital services. Guided by our philosophy, the Blueprint of Simplicity, we design technology around real human behavior, enhancing connectivity and financial access. Our flagship platform, botim, is the region’s most trusted fintech communication platform, serving over 150 million users worldwide.

Role Summary:
We are seeking a hands-on Senior Cybersecurity Engineer with deep expertise in offensive security, secrets management, and secure platform engineering. The ideal candidate will be a technical expert capable of designing and implementing security controls, validating them through adversarial testing, and integrating them into modern cloud-native environments.

Responsibilities:

• Offensive Security & Adversarial Simulation

  • Conduct Red Team operations: initial access, lateral movement, privilege escalation, Active Directory attack paths, and identity compromise.
  • Support and enhance Blue Team detection capabilities.
  • Perform attack simulations & purple teaming to validate detection and response.
  • Develop custom attack scripts/tools for advanced scenarios.

• Secrets & Key Management (Core Focus)

  • Design and implement enterprise-grade secrets management architecture (PAM, Cloud Key Management, HSM-backed key protection).
  • Define and enforce key lifecycle management and secure storage and usage of credentials.

• DevSecOps & Secure Engineering

  • Integrate security into CI/CD pipelines: SAST, DAST, SCA, IaC scanning.
  • Work closely with engineering teams to embed security controls by design.

• Infrastructure Security & DR Validation

  • Design and execute Disaster Recovery (DR) and Resilience Testing.
  • Validate security controls under failure scenarios and identify weaknesses.

• Security Assessment & Architecture Review

  • Perform deep technical assessments across various security domains.
  • Provide actionable remediation guidance based on real attack paths.

• Security Research & Continuous Improvement

  • Track emerging threats, vulnerabilities, and exploitation techniques.
  • Conduct internal research and produce technical documentation.

Requirements:

• Technical Requirements:

  • Strong experience in web vulnerabilities, system/network penetration, Active Directory attacks, and familiar with penetration testing tools.
  • Hands-on experience with PAM solutions, Azure Key Vault, AWS KMS, and knowledge of cryptographic key lifecycle.
  • Experience integrating security tools into CI/CD pipelines and familiarity with container security.

• Qualification Requirements:

  • Bachelor’s degree or above in Computer Science, Information Security, or related field.
  • 5+ years of hands-on cybersecurity engineering experience.
  • Strong experience in penetration testing, red teaming, or security engineering.

• Preferred Certifications:

  • OSCP (highly preferred), CEH, Security+, CISA (optional).

Key Characteristics:

• Strong hands-on technical depth and ability to work independently on complex technical problems.
• Security engineering mindset rather than compliance-driven.

Language Requirements:
Not specified, but proficiency in English is likely expected given the work location and nature of the job.